> The Beta and Release versions of Firefox based on 42 and above (Beta 42 will be released at the same time as Firefox 41) will remove the preference that allows unsigned extensions to be installed, and will disable and/or prevent the installation of unsigned extensions.
This is very bad news for me. I'm a power user that prefers the balance of new features/chance of breakage that the Beta channel offers and I take full responsibility for the addons I install and the security decisions I make. I don't need Mozilla to be "defending" me in this case.
«The Nightly and Developer Editions of Firefox based on 42 and above will retain the preference to disable signing enforcement, allowing the development and/or use of unsigned add-ons in those versions»
So I think running the Developer Edition (which I expect to be much more stable than Nightly) is probably your best bet.
The thing is, I'm not a web developer and I don't think I should be forced to use the Developer Edition just so I can remain in charge of what I install in my browser. Now that I'm writing this it occurs to me that after this change it's not really my browser anymore, is it?
I hear you on the control thing. You mention you are a power user above so my two cents is that likely puts you outside of the user base Mozilla covets. In the last couple years, the words "Firefox" and "power user" went hand-in-hand but I'd wager Mozilla would trade customer bases with Google in a heartbeat.
FWIW, the Developer Edition feels pretty lean and mean. I haven't tried since I am a web developer, but it looks like you can remove most or all of the parts that make it web developer-y if you are so inclined.
"You mention you are a power user above so my two cents is that likely puts you outside of the user base Mozilla covets."
Mozilla's business model needs users who can't figure out how to turn off Yahoo search. That pays for their new Firefox offices on the waterfront in San Francisco.[1]
I've run Nightly and Aurora (which is now Developer Edition) for a while but extensions/themes broke more often than I'd have liked because there was too little time for extension devs to update their extensions in case incompatible changes were introduced.
I don't know if they'll offer each permutation of all those possibilities. I don't see why not though, it's just a little more build time.
In any case, if the specific combination of features you want is missing, the option to build from source is always there. (At least on Linux, building Firefox is also pretty easy.)
That doesn't sound like an option that will work for my use-case - I manage a bunch of Windows machines; if we upgrade Firefox to "Noname Browser" with a different icon, the users will be confused and unable to find it.
I tried running Firefox Developer for a while and since it's based on the alpha code, it broke all my extensions on each update. So yeah, I'm a power user (I run 3 custom extensions that I wrote, pentadactyl and dotjs) but it's not feasible for me to keep running Developer.
Agree. And as someone who's been running the Developer Edition as his primary browser for some time, I'm happy to report that it has been by and large reasonably stable--even though I've had e10s enabled.
This was true for me until the most recent major version (42.x) that broke the Tree Style Tabs extension. My whole browsing workflow depends heavily on that extension, so I had to revert to using the stable version for now.
https://github.com/piroor/treestyletab master works fine; you just have to clone it and replace extensions/treestyletab@piro.sakura.ne.jp in your profile.
I also used to rely pretty heavily on Tree Style Tabs. With the release of 42 I've been using tab groups (cmd+shift+e) with pretty satisfactory results.
e: cmd+shift+e assumes a Mac. Not sure what other systems use.
Hmm, I'll have to try that, thanks for the heads up.
Losing tree style tabs in 42 has made me nervous, it was the primary reason I love firefox. Without that most of the why in using firefox goes away for me.
As I understand, the author's opinion is that Adobe Reader is more secure than pdf.js. I'm not sure I would trust them with maintaining a secure browser in light of that.
Their monetization model is also questionable (I understand it injects ads / referral links).
Never heard of it, quick scan of the page seems to indicate that it is windows/linux only though? I did a quick look at the download page and didn't see an osx build.
That is overall fine but I like to keep my browsers portable across all of my primary operating systems.
The Developer Edition won't help much if plugins that don't fit the new API are abandoned, which strikes me as a likely occurrence. I don't think many will bother to maintain non-developer-oriented plugins just for those using the Developer Edition.
One reason for add-on signing is that there's a major attack on Firefox using stolen add-on IDs to insert malware. This started in early 2015, and one of my add-ons has about one-third bogus versions out there. They all have different random version numbers, typically above 1000. Those are about to get flushed out of the ecosystem.
Whether add-on signing is part of a power trip at Mozilla to enforce a walled garden with Mozilla-favorable policies remains to be seen. When Mozilla blocks an add-on which disables Pocket or Sync or Hello, we'll know that AMO has turned to the dark side.
That could presumably be solved by allowing developers to sign their own add-ons and tying the ID to the key they used to sign it - it doesn't require a centralised signing system of the kind Mozilla introduced.
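The self-signing idea in the comment above, sketched as an added example that is not part of the thread and is not how Mozilla's signing works: the add-on ID is derived from the developer's public key, so a package reusing someone else's ID under a different key is rejected. The ID format, the `@selfsigned.example` suffix, the package fields and the sample values are all assumptions made for illustration.

```javascript
const crypto = require("node:crypto");

// Hypothetical ID scheme: 32 hex chars of SHA-256 over the DER-encoded public key.
function idForKey(publicKeyDer) {
  const digest = crypto.createHash("sha256").update(publicKeyDer).digest("hex");
  return digest.slice(0, 32) + "@selfsigned.example";
}

// Length-prefix every field so bytes cannot be moved between id/version/payload.
function signedBytes(id, version, payload) {
  return Buffer.concat([id, version, payload].flatMap((field) => {
    const body = Buffer.from(field);
    const len = Buffer.alloc(4);
    len.writeUInt32BE(body.length);
    return [len, body];
  }));
}

function signAddon(keyPair, version, payload) {
  const publicKeyDer = keyPair.publicKey.export({ type: "spki", format: "der" });
  const id = idForKey(publicKeyDer);
  const signature = crypto.sign(null, signedBytes(id, version, payload), keyPair.privateKey);
  return { id, version, payload, publicKeyDer, signature };
}

function verifyAddon(pkg) {
  // 1. The claimed ID must be the one derived from the key shipped in the package.
  if (idForKey(pkg.publicKeyDer) !== pkg.id) return "id-key-mismatch";
  // 2. That key must have signed exactly this id, version and payload.
  const key = crypto.createPublicKey({ key: pkg.publicKeyDer, format: "der", type: "spki" });
  const ok = crypto.verify(null, signedBytes(pkg.id, pkg.version, pkg.payload), key, pkg.signature);
  return ok ? "ok" : "bad-signature";
}

// Constructed sample packages: a genuine release, a copy of the ID under another
// key, and the genuine package with its version and payload swapped out.
function demo() {
  const dev = crypto.generateKeyPairSync("ed25519");
  const other = crypto.generateKeyPairSync("ed25519");
  const genuine = signAddon(dev, "1.4.2", "genuine add-on code");
  const reusedId = { ...signAddon(other, "1337.0", "other code"), id: genuine.id };
  const tampered = { ...genuine, version: "1337.0", payload: "other code" };
  return [genuine, reusedId, tampered].map(verifyAddon);
}

console.log(demo());
```

This only binds an ID to whoever holds the key; it makes no statement about what the add-on does, and it does not address software that can modify the profile or the browser itself, which later comments in the thread raise.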
Fully agree. On Mac OS X you can still run unsigned apps, but you have to be savvy enough to do so. Mozilla should at the very least adopt such an approach.
A big problem for a lot of Firefox users is addons that are side-loaded into a profile. Like when you download some junk and it comes with an installer that injects an addon into your profile. This is a good expose on what even a seemingly legitimate site like download.com does: http://www.howtogeek.com/198622/heres-what-happens-when-you-... (and several of the malware examples in that article are side-loaded addons).
Unfortunately hoops aren't enough to fix this problem, because hoops generally involve some flag that you've gone through the hoop, and the installer can easily fake that.
Couldn't those installers patch Firefox to remove the signing requirement? Or, if they don't get sufficient privileges to modify the executable, patch the user's Firefox process in memory?
Yeah, this might end up being just a salvo in a longer battle. But maybe part of the problem is that some of these malware authors are lying to themselves and believe they are just grayhat hackers, and once you start patching executables it becomes a bit clearer you are a blackhat. So far download.com isn't distributing actual rootkits. They could of course. And yet still they probably won't.
Relatedly I did notice when putting my own addon through the signing process that there was a checkbox specifically for sideloaded addons, with the implication that the checks would be even more stringent. I'm not sure if that's enforced or not, or how.
I don’t see how antivirus software completely failing to protect its users from “easy” attacks (rogue extension drops) should inspire any confidence they can protect you from more sophisticated attacks. Oh yeah this gun is useless now, but wait till they roll in with tanks!
Never mind the entire idea of antivirus software is completely ridiculous from security PoV and basically a scam to have people pay for a false sense of security.
No, because then any malware would immediately install that extension first, and then flip the about:config bit on the filesystem, and then install their extension, and then you're right back where you were before signing.
Allow enterprise users to generate firefox executables with additional trusted certificates and distribute that on their machines instead of the original?
Do you think people will do that, or just give up and use another browser?
Then with everyone developing exclusively in Chrome, any bug in Firefox will be ignored as everyone adds a note to their support staff to 'just tell users to use Chrome'.